“Somebody got promoted for this”, boss battle edition.
3
Discussion
Loading...
@mhoye I also wonder if this is a sign of internal dysfunction inside Google, where the Gemini team couldn't get a new API key type created and plumbed through Google's infrastructure so 'lol we'll (ab)use the existing keys, we can actually get that done'.
@[email protected] "I feel a great disturbance in the Force, as if a million security researches all face palmed at once..."
@mhoye @harrysintonen imagine how different the business world would be if bonuses had clawback provisions. The only way some security engineer didn’t flag this is if they were completely bypassed in the rush to ship.
1
@acdha @harrysintonen not sure it would help - “your bonus is being clawed back because it was based on a false premise” is the same as saying “this company’s internal controls are an unreliable shambles” and no company would admit to that, particularly at the executive level.
2
@mhoye you're right, it wouldn't solve everything. I think it'd rein in the worst metric juicing games over a longer timeframe. Thinking about how Google+ faked user counts by pushing Gmail/YouTube activity into it but like a year later they admitted most of them were only spending a few minutes per month using it.
It feels like a lot of AI stuff is having that same arc of stats slowly surfacing–seeing business press asking why e.g. Copilot reported monthly active users but not daily.
@mhoye
@acdha @harrysintonen
Or a company could try to establish such a policy to flex:
"The policy does not matter, because our internal controls are reliable! The other companies do not dare to implement this, because they know how bad their controls are!"